How do you remove a single iptables rule from a large ruleset? The easiest way is to delete the rule by chain name and line number. Here’s an example.
~# iptables -n -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  0.0.0.0/0            192.168.1.5          owner UID match 0
2    ACCEPT     udp  --  0.0.0.0/0            192.168.1.6          owner UID match 0
...
30   ACCEPT     tcp  --  0.0.0.0/0            192.168.1.5          multiport dports 11211
31   ACCEPT     tcp  --  0.0.0.0/0            192.168.1.5          multiport dports 11211
32   ACCEPT     udp  --  0.0.0.0/0            192.168.1.6          multiport dports 11211
33   ACCEPT     udp  --  0.0.0.0/0            192.168.1.6          multiport dports 11211
...
To delete a rule in the OUTPUT chain, give -D the chain name and the line number shown next to the rule. Line numbers count from 1 within each chain (and within the table you are working on; without -t that is the filter table), so the number alone does not identify a rule.
~# iptables -D OUTPUT 30
And poof, it’s gone! One caveat: a line number is a position, not a stable identifier. As soon as rule 30 is deleted, every rule below it moves up by one, so in the listing above the former rule 31 (an identical duplicate) is now rule 30. If you need to delete several rules by number, either re-run iptables -L --line-numbers after each deletion or delete from the highest number down. Deleting by rule specification instead (iptables -D OUTPUT -p tcp -d 192.168.1.5 -m multiport --dports 11211 -j ACCEPT) avoids the shifting numbers, but removes only the first rule that matches, so duplicates like the ones above still take one call each.
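As an added example, not part of the original post, here is a small POSIX shell script that automates the two things the listing above invites: finding the duplicated rules by comparing rule specs with the num column stripped, and deleting a set of rule numbers highest-first so that the renumbering caused by each deletion cannot hit a rule still on the list. The listing is a constructed copy of the post’s OUTPUT chain; the IPTABLES variable and the function names are this example’s own, not part of iptables.

```shell
#!/bin/sh
# Added example (not from the original post): find duplicate rules in an
# `iptables -n -L CHAIN --line-numbers` listing and delete rules by number
# without the numbers shifting under you.
#
# Assumption (this example's own): $IPTABLES names the iptables binary and
# defaults to "iptables"; point it at something else for a dry run.
IPTABLES="${IPTABLES:-iptables}"

# Constructed sample listing of the OUTPUT chain, mirroring the post's output.
# Rules 31 and 33 are exact duplicates of 30 and 32.
SAMPLE_LISTING='Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  0.0.0.0/0            192.168.1.5          owner UID match 0
2    ACCEPT     udp  --  0.0.0.0/0            192.168.1.6          owner UID match 0
30   ACCEPT     tcp  --  0.0.0.0/0            192.168.1.5          multiport dports 11211
31   ACCEPT     tcp  --  0.0.0.0/0            192.168.1.5          multiport dports 11211
32   ACCEPT     udp  --  0.0.0.0/0            192.168.1.6          multiport dports 11211
33   ACCEPT     udp  --  0.0.0.0/0            192.168.1.6          multiport dports 11211'

# Read a --line-numbers listing on stdin and print the line numbers of rules
# whose spec (everything after the num column) already appeared earlier.
# Assigning to $1 makes awk rebuild $0 with single spaces, which normalises
# the column padding before the specs are compared.
duplicate_rule_numbers() {
    awk '
        /^Chain / || /^num / { next }   # skip the chain and column headers
        NF == 0 { next }                # skip blank lines between chains
        {
            num = $1; $1 = ""; spec = $0
            if (spec in seen) print num
            else seen[spec] = 1
        }'
}

# Delete the given rule numbers from CHAIN, highest number first, so that
# each deletion only renumbers rules we have already finished with.
delete_rules_by_number() {
    chain="$1"; shift
    for n in $(printf '%s\n' "$@" | sort -rn); do
        "$IPTABLES" -D "$chain" "$n" || return 1
    done
}

# Demo on the constructed listing. The deletions run in a subshell with
# IPTABLES=echo, so nothing on the host is changed; drop that to apply them.
dups=$(printf '%s\n' "$SAMPLE_LISTING" | duplicate_rule_numbers)
echo "duplicate rule numbers in OUTPUT:" $dups
(IPTABLES=echo; delete_rules_by_number OUTPUT $dups)
```

Run as root with IPTABLES left at its default and a real listing piped into duplicate_rule_numbers (for example `iptables -n -L OUTPUT --line-numbers | duplicate_rule_numbers`) to get the numbers to feed to delete_rules_by_number; because the deletions go from the highest number down, the numbers you read off one listing stay valid for the whole batch.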